EP1770946A2 - Procedure and device for secure providing of Web services - Google Patents

Procedure and device for secure providing of Web services Download PDF

Info

Publication number
EP1770946A2
EP1770946A2 EP06120748A EP06120748A EP1770946A2 EP 1770946 A2 EP1770946 A2 EP 1770946A2 EP 06120748 A EP06120748 A EP 06120748A EP 06120748 A EP06120748 A EP 06120748A EP 1770946 A2 EP1770946 A2 EP 1770946A2
Authority
EP
European Patent Office
Prior art keywords
customer
provider
pot
tan
security device
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
EP06120748A
Other languages
German (de)
French (fr)
Other versions
EP1770946B1 (en
EP1770946A3 (en
Inventor
Andreas Erb
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Atos IT Solutions and Services GmbH
Original Assignee
Siemens AG
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Siemens AG filed Critical Siemens AG
Publication of EP1770946A2 publication Critical patent/EP1770946A2/en
Publication of EP1770946A3 publication Critical patent/EP1770946A3/en
Application granted granted Critical
Publication of EP1770946B1 publication Critical patent/EP1770946B1/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0823Network architectures or network communication protocols for network security for authentication of entities using certificates
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/02Payment architectures, schemes or protocols involving a neutral party, e.g. certification authority, notary or trusted third party [TTP]
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/08Payment architectures
    • G06Q20/12Payment architectures specially adapted for electronic shopping systems
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2463/00Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00
    • H04L2463/102Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00 applying security measure for e-commerce

Definitions

  • the invention relates to the execution of web services between customers and providers whose terminals are connected to each other via a communication network.
  • the aim of the invention is to make the execution of web services between a customer and a provider of such web services safer for both. This is achieved on the basis of the features of the preambles of claims 1, 6 and 9 by their characterizing features.
  • the main advantage of the invention is that the payment and performance is reviewed both generally and currently before the web service to ensure the greatest possible security.
  • a first embodiment ( Figure 1) relates to the booking of travel services as a web service between a tour operator as a customer K, a security device PoT, providers of travel services for flights A (F1), hotel accommodation A (Ho) and transfer buses A (Tb), and an end customer EK.
  • Communication terminals e.g. Personal computer, the tour operator K, the security device PoT and the provider A can be connected via a communication network KN, such as the Internet or an intranet.
  • a communication network KN such as the Internet or an intranet.
  • Customer K and providers A are all registered as users with their addresses and other information, eg their bank details, with the security device PoT, which they all classify as trustworthy. As part of this registration, customer K and vendors A are checked by the PoT security device on the basis of certain criteria with respect to their ability to pay or their ability to pay. Regarding of the customer K, this review may be in a credit check by means of a Schufa request. The verification of the performance of the provider A can also be done, for example, by evaluating the customer satisfaction of customers after completion of a transaction with the provider A.
  • the tour operator decides as customer K, certain travel services, e.g. To acquire a contingent of 500 flights between certain destinations, he asks via his communication terminal first at the securing device PoT a transaction key TAN (1) to [see Fig. 1, 1st request and provision TAN (1)].
  • the security device PoT checks again the solvency of the customer K on the basis of predetermined criteria. This check may be in a new Schufa query, for example, or in the review of a certain, previously granted maximum monthly transaction volume. If the customer K fulfills the specified criteria, then the security device PoT provides the customer K with the transaction key TAN (1) via the communication network KN. This can consist of a number and / or letter combination.
  • the tour operator K books for example, in the electronic flight booking system of the provider A (Fl), selects his desired flight contingent quoting the transaction key TAN (1) and sends his request from [see Fig. 1, 2nd request contingent, TAN ].
  • Provider A F1 then forwards this transaction key TAN (1) to the security device PoT and requests a check of the transaction key TAN (1) [see FIG. 1, 3. Check TAN (1)].
  • the security device PoT checks once again on the basis of predetermined criteria, the solvency of the tour operator K and possibly the performance of the Provider A (Fl). This check may be about checking whether the last credit inquiry for the tour operator K was within a certain period of time. For the provider A (Fl), the check may be a renewed query of customer satisfaction. If the criteria are met, the transaction key TAN (1) is confirmed by the security device PoT to the provider A (Fl).
  • the provider A (Fl) releases the flight quota to the tour operator K and informs the latter of a reference number RN (F1) [FIG. 1, 4. Provide quotas with reference number RN (Fl)].
  • the security device PoT sends a rejection to the provider A (F1).
  • the tour operator K books further contingents of travel services, e.g. Hotel accommodation and transfer busses at the corresponding providers A (Ho) and A (Tb), to each of which a reference number RN (Ho) and RN (Tb) are assigned [Fig. 1, 4. Provide quotas with reference numbers RN (Ho), Rn (Tb)].
  • travel services e.g. Hotel accommodation and transfer busses at the corresponding providers A (Ho) and A (Tb)
  • RN (Ho) and RN (Tb) are assigned [Fig. 1, 4. Provide quotas with reference numbers RN (Ho), Rn (Tb)].
  • the tour operator K In order to process the booking of the end customer EK, the tour operator K requests a new transaction key TAN (2) in the case of the security device PoT, which is issued after a corresponding check shown above [FIG. 1, 6. Request and Provision TAN (2)].
  • the tour operator K calculates the various individual travel services of the providers A (Fl), A (Ho) and A (Tb) with reference to the reference numbers RN (Fl), RN (Tb) and RN (Ho) retrieved [Fig. 1, 7. Demand for individual services, indication TAN (2)]. This is followed by a corresponding, repeated check of the transaction key TAN (2) [FIG. 1, 8. Review TAN (2)]
  • the end customer EK is provided by the tour operator K a booking confirmation of his individual travel services, possibly specifying the reference numbers RN [Fig. 1, 9. Provision of individual services].
  • billing information for the travel services booked by the end customer EK can already be processed by the security device PoT and provided to the tour operator K.
  • the customer K handles printing and franking tasks via the respective web services of the providers A (Dr) and A (Fr) using the securing device PoT.
  • the communication terminals of the customer K, the provider A (Dr) and A (Fr) and a security device PoT via a communication network KN are connected to each other. Likewise, an appropriate registration and initial verification of their payment and / or performance takes place.
  • the customer K first starts a transaction chain by requesting a transaction key TAN (1) from the security device PoT, which asks him accordingly Testing as provided in the embodiment 1 [Fig. 2, 1st request and provision of TAN (1)].
  • FIG. 3 shows the ordering of personnel services D1 and D2 by a customer K via a security device PoT at the providers A1 and A2.
  • the security device PoT acts as an intermediary (so-called proxy), with the customer K and the providers A1 and A2 only interacting with the security device PoT.
  • the security device PoT mediates between the customer K and the providers A1 and A2 when booking, retrieving and providing the personnel services D1 and D2 such that it appears to the customer K as if the web services D1 and D2 provided by the security device PoT and not by the providers A1 and A2. Because the customer K only comes in contact with the security device PoT.
  • the customer requests K quotas from the securing device PoT. These requirements are forwarded by the security device PoT to the providers A1, A2 [FIG. 3, 1st requirement contingent].
  • the providers A1, A2 then provide the quotas D1, D2 with corresponding reference numbers RN (A1 (D1)), RN (A2 (D2)) for the securing device PoT, which in turn forwards them to the customer K [FIG. 2, 2.
  • RN A1 (D1)
  • RN A2 (D2)
  • a use of transaction keys is not required here because between the providers A1 and A2 and the customer K no direct communication takes place.
  • the verification of the payment and / or performance can be made by the security device PoT, without this being recognizable for the customer K and the providers A1 and A2.

Abstract

The method involves connecting terminals of a customer, a provider and a protection device through a communications network (KN). The customer and provider are verified by the protection device based on preset criteria, and payability and efficiency of the customer and provider are verified by the device. A transaction key is requested by the customer before the request of a web service, and a partial performance of the service is requested by the customer with the provider using the key. The partial performance of the service is offered to the customer after the approval of the provider. An independent claim is also included for a protection device for providing a web service.

Description

Die Erfindung bezieht sich auf die Ausführung von Web-Diensten zwischen Kunden und Anbietern, deren Endgeräte über ein Kommunikationsnetzwerk miteinander verbindbar sind.The invention relates to the execution of web services between customers and providers whose terminals are connected to each other via a communication network.

Es handelt sich bei Web-Diensten um Dienste, die aus Applikationen heraus benutzbar sind. Sie sind für die Kommunikation zwischen Kommunikationsendgeräten konzipiert und über verschiedene Plattformen hinweg lauffähig. Beispiele für solche Web-Dienste, die in einem Kommunikationsnetzwerk realisiert sind, sind die:

  • elektronische Buchung eines Fluges oder anderer Reisedienstleistungen,
  • elektronische Abfrage der Bonität eines Kunden,
  • elektronische Bestellung von Personaldienstleistungen, oder
  • elektronische Erteilung eines Druck- und Frankierauftrags.
Web services are services that can be used from applications. They are designed for communication between communication terminals and can be run across different platforms. Examples of such web services implemented in a communication network are:
  • electronic booking of a flight or other travel services,
  • electronic inquiry of the creditworthiness of a customer,
  • electronic ordering of personnel services, or
  • Electronic issue of a print and franking order.

Mit der zunehmenden Verbreitung elektronischer Datenverarbeitung über Kommunikationsnetzwerke - insbesondere das Internet - spielen diese Web-Dienste eine zunehmende Rolle. Immer häufiger sind bei über Web-Dienste realisierten Prozessen nicht mehr nur ein, sondern gleich mehrere Web-Dienste betroffen. Ein Beispiel hierfür ist der oben erwähnte kombinierte Druck- und Frankierauftrag. Eine genaue Zuordnung der jeweils angefallenen Kosten zu den jeweils beteiligten Web-Diensten fällt dabei später häufig schwer.With the proliferation of electronic data processing over communications networks - especially the Internet - these Web services are playing an increasingly important role. More and more frequently, processes implemented via web services no longer affect just one but several web services. An example of this is the above-mentioned combined printing and franking order. A precise assignment of the costs incurred in each case to the respective Web services involved is often difficult later.

Auch die Erbringung von Web-Diensten und die Übermittlung von Gebühreninformationen sind nicht unproblematisch. Das hängt vor allem damit zusammen, dass der an einem Geschäft beteiligte Kunde und der Dienstleistungserbringer in vielen Fällen nichts über die Vertrauens-, Leistungs- bzw. Zahlungsfähigkeit des anderen weiß. Gleichzeitig ist ihnen eine selbstständige Überprüfung des jeweils anderen kaum möglich, da dies den wirtschaftlichen Aufwand enorm erhöhen würde.The provision of web services and the transmission of fee information are not without problems. This is mainly due to the fact that the customer involved in a business and the service provider in many cases, nothing about the trust, performance or solvency the other knows. At the same time, they are hardly able to carry out an independent review of each other, as this would enormously increase the economic outlay.

Hierzu ist bereits ein Verfahren aus der Offenlegungsschrift WO 200065493-A2 bekannt, bei dem ein Vermittler ein Zugangszertifikat generiert, das im Rahmen einer Abrechnungskette als Identifikation zwischen Dienstleistungserbringer und Kunden dient. Der Kunde fordert die Dienstleistung unter Beifügung des Zugangszertifikats beim Dienstleistungserbringer an. Dieser akzeptiert das Zugangszertifikat als Zahlungsversicherung und erbringt die Dienstleistung für den Kunden. Hierbei kann die Vertrauenswürdigkeit, die Zahlungsfähigkeit und die Leistungsfähigkeit der beteiligten Kunden und Dienstleistungserbringer nicht vollständig gewährleistet werden.For this purpose, a method is already known from the published patent application WO 200065493-A2 It is known that an intermediary generates an access certificate that serves as an identification between the service provider and the customer within the framework of a billing chain. The customer requests the service by enclosing the access certificate with the service provider. He accepts the access certificate as payment insurance and provides the service for the customer. The trustworthiness, solvency and performance of participating customers and service providers can not be fully guaranteed.

Ziel der Erfindung ist es, die Ausführung von Web-Diensten zwischen einem Kunden und einem Anbieter solcher Web-Dienste für beide sicherer zu gestalten. Dies wird ausgehend von den Merkmalen der Oberbegriffe der Patentansprüche 1, 6 und 9 erreicht durch deren kennzeichnende Merkmale.The aim of the invention is to make the execution of web services between a customer and a provider of such web services safer for both. This is achieved on the basis of the features of the preambles of claims 1, 6 and 9 by their characterizing features.

Die wesentlichen Merkmale der Erfindung sind die:

  • Verwendung einer von Kunden und Anbieter des Web-Dienstes als vertrauenswürdig akzeptierten Sicherungseinrichtung (Point of Trust),
  • erste Überprüfung von Zahlungs- und/oder Leistungsfähigkeit von Kunde und Web-Dienstanbieter vor Zulassung zum Web-Dienst,
  • wiederholte Überprüfung von Zahlungs- und Leistungsfähigkeit von Kunde und/oder Web-Diensterbringer vor Übermittlung eines Transaktionsschlüssels an den Kunden, um einen bestimmten Web-Dienst anzufordern,
  • abschließende Überprüfung von Zahlungs- und/oder Leistungsfähigkeit von Kunde und/oder Web-Dienstanbieter, wenn der bestimmte Web-Dienst tatsächlich anhand des Transaktionsschlüssels angefordert wird,
  • Übermittlung von Gebühreninformationen nach einer Transaktion durch die vertrauenswürdige Sicherungseinrichtung unter Bezugnahme auf den Transaktionsschlüssel.
The essential features of the invention are:
  • Use of a trusted acceptance by customers and providers of the web service (point of trust),
  • first verification of payment and / or performance of customer and web service provider before admission to the web service,
  • repeated verification of customer and / or web service provider's ability to pay and performance prior to submitting a transaction key to the customer to request a particular web service,
  • final verification of the payment and / or performance of the customer and / or web service provider when the particular web service is actually requested by the transaction key,
  • Transmission of fee information after a transaction by the trusted security device with reference to the transaction key.

Der wesentliche Vorteil der Erfindung ist, dass die Zahlungs- und Leistungsfähigkeit sowohl generell als auch aktuell vor Durchführung des Web-Dienstes überprüft wird, um größtmögliche Sicherheit zu gewährleisten.The main advantage of the invention is that the payment and performance is reviewed both generally and currently before the web service to ensure the greatest possible security.

Im Folgenden wird die Erfindung anhand von Ausführungsbeispielen und mit Bezug auf die beigefügten Zeichnungen verdeutlicht. Dabei zeigen beispielhaft:

Fig. 1
eine auf Web-Diensten basierende Buchung von Reiseleistungen,
Fig. 2
einen als Web-Dienst ausgestalteten Druck- und Frankierauftrag,
Fig. 3
die Bestellung von Personaldienstleistungen als Web-Dienst.
In the following the invention will be clarified by means of embodiments and with reference to the accompanying drawings. Here are an example:
Fig. 1
a web services-based booking of travel services,
Fig. 2
a printing and franking order designed as a web service,
Fig. 3
the appointment of personnel services as a web service.

Ein erstes Ausführungsbeispiel (Figur 1) betrifft die Buchung von Reiseleistungen als Web-Dienst zwischen einem Reiseveranstalter als Kunden K, einer Sicherungseinrichtung PoT, Anbietern von Reiseleistungen für Flüge A(F1), Hotelübernachtungen A(Ho) und Transferbusse A(Tb), und einem Endkunden EK.A first embodiment (Figure 1) relates to the booking of travel services as a web service between a tour operator as a customer K, a security device PoT, providers of travel services for flights A (F1), hotel accommodation A (Ho) and transfer buses A (Tb), and an end customer EK.

Kommunikationsendgeräte, z.B. Personal Computer, des Reiseveranstalters K, der Sicherungseinrichtung PoT und der Anbieter A sind über ein Kommunikationsnetzwerk KN, etwa dem Internet oder einem Intranet, miteinander verbindbar.Communication terminals, e.g. Personal computer, the tour operator K, the security device PoT and the provider A can be connected via a communication network KN, such as the Internet or an intranet.

Kunde K und die Anbieter A sind alle bei der Sicherungseinrichtung PoT, die sie alle als vertrauenswürdig einstufen, als Nutzer mit ihren Adressen und weiteren Informationen, z.B. ihren Bankverbindungsdaten registriert. Im Rahmen dieser Registrierung werden Kunde K und die Anbieter A von der Sicherungseinrichtung PoT anhand bestimmter Kriterien hinsichtlich ihrer Leistungs-, bzw. Zahlungsfähigkeit überprüft. Hinsichtlich des Kunden K kann diese Überprüfung etwa in einer Bonitätsprüfung mittels einer Schufa-Anfrage liegen. Die Überprüfung der Leistungsfähigkeit der Anbieter A kann darüber hinaus beispielsweise durch die Auswertung der Kundenzufriedenheit von Kunden nach Abschluss einer Transaktion mit dem Anbieter A erfolgen.Customer K and providers A are all registered as users with their addresses and other information, eg their bank details, with the security device PoT, which they all classify as trustworthy. As part of this registration, customer K and vendors A are checked by the PoT security device on the basis of certain criteria with respect to their ability to pay or their ability to pay. Regarding of the customer K, this review may be in a credit check by means of a Schufa request. The verification of the performance of the provider A can also be done, for example, by evaluating the customer satisfaction of customers after completion of a transaction with the provider A.

Entscheidet sich der Reiseveranstalter als Kunde K, bestimmte Reiseleistungen, z.B. ein Kontingent von 500 Flügen zwischen bestimmten Flugzielen, zu erwerben, so fordert er über sein Kommunikationsendgerät zunächst bei der Sicherungseinrichtung PoT einen Transaktionsschlüssel TAN(1) an [siehe Fig. 1, 1. Anforderung und Bereitstellung TAN(1)]. Die Sicherungseinrichtung PoT überprüft daraufhin erneut die Zahlungsfähigkeit des Kunden K aufgrund vorgegebener Kriterien. Diese Überprüfung kann etwa in einer erneuten Schufa-Abfrage liegen oder aber auch in der Überprüfung eines bestimmten, zuvor eingeräumten maximalen monatlichen Transaktionsvolumens. Erfüllt der Kunde K die vorgegebenen Kriterien, so stellt die Sicherungseinrichtung PoT dem Kunden K über das Kommunikationsnetzwerk KN den Transaktionsschlüssel TAN(1) zur Verfügung. Dieser kann etwa in einer Zahlen- und oder Buchstabenkombination bestehen.If the tour operator decides as customer K, certain travel services, e.g. To acquire a contingent of 500 flights between certain destinations, he asks via his communication terminal first at the securing device PoT a transaction key TAN (1) to [see Fig. 1, 1st request and provision TAN (1)]. The security device PoT then checks again the solvency of the customer K on the basis of predetermined criteria. This check may be in a new Schufa query, for example, or in the review of a certain, previously granted maximum monthly transaction volume. If the customer K fulfills the specified criteria, then the security device PoT provides the customer K with the transaction key TAN (1) via the communication network KN. This can consist of a number and / or letter combination.

Der Reiseveranstalter K bucht sich dann beispielsweise in das elektronische Flugbuchungssystem des Anbieters A(Fl) ein, wählt sein gewünschtes Flugkontingent unter Angabe des Transaktionsschlüssels TAN(1) aus und schickt seine Anfrage ab [siehe Fig. 1, 2. Anforderung Kontingent, Angabe TAN].The tour operator K books, for example, in the electronic flight booking system of the provider A (Fl), selects his desired flight contingent quoting the transaction key TAN (1) and sends his request from [see Fig. 1, 2nd request contingent, TAN ].

Anbieter A(F1) leitet diesen Transaktionschlüssel TAN(1) dann an die Sicherungseinrichtung PoT weiter und verlangt eine Überprüfung des Transaktionsschlüssels TAN(1) [siehe Fig. 1, 3. Überprüfung TAN(1)].Provider A (F1) then forwards this transaction key TAN (1) to the security device PoT and requests a check of the transaction key TAN (1) [see FIG. 1, 3. Check TAN (1)].

Die Sicherungseinrichtung PoT überprüft daraufhin ein weiteres Mal anhand vorgegebener Kriterien die Zahlungsfähigkeit des Reiseveranstalter K und ggf. die Leistungsfähigkeit des Anbieters A(Fl). Diese Überprüfung kann etwa in der Prüfung liegen, ob die letzte Bonitätsabfrage für den Reiseveranstalter K innerhalb eines gewissen Zeitraumes lag. Für den Anbieter A(Fl) kann die Überprüfung in einer erneuten Abfrage der Kundenzufriedenheit liegen. Sind die Kriterien erfüllt, so wird der Transaktionsschlüssel TAN(1) von der Sicherungseinrichtung PoT gegenüber dem Anbieter A(Fl) bestätigt.The security device PoT then checks once again on the basis of predetermined criteria, the solvency of the tour operator K and possibly the performance of the Provider A (Fl). This check may be about checking whether the last credit inquiry for the tour operator K was within a certain period of time. For the provider A (Fl), the check may be a renewed query of customer satisfaction. If the criteria are met, the transaction key TAN (1) is confirmed by the security device PoT to the provider A (Fl).

Ist die Prüfung positiv verlaufen, weil die Kriterien erfüllt sind, gibt der Anbieter A(Fl) das Flugkontingent gegenüber dem Reiseveranstalter K frei und teilt diesem eine Referenznummer RN(Fl) mit [Fig. 1, 4. Bereitstellung Kontingente mit Referenznummer RN(Fl)].If the test was positive because the criteria are met, the provider A (Fl) releases the flight quota to the tour operator K and informs the latter of a reference number RN (F1) [FIG. 1, 4. Provide quotas with reference number RN (Fl)].

Verläuft die Überprüfung der Kriterien negativ, so sendet die Sicherungseinrichtung PoT eine Ablehnung an den Anbieter A(F1).If the verification of the criteria is negative, the security device PoT sends a rejection to the provider A (F1).

In entsprechender Weise bucht der Reiseveranstalter K weitere Kontingente von Reiseleistungen, wie z.B. Hotelübernachtungen und Transferbusse bei den entsprechenden Anbietern A(Ho) und A(Tb), denen jeweils eine Referenznummer RN(Ho) und RN(Tb) zugeordnet wird [Fig. 1, 4. Bereitstellung Kontingente mit Referenznummer RN(Ho), Rn(Tb)].In a similar manner, the tour operator K books further contingents of travel services, e.g. Hotel accommodation and transfer busses at the corresponding providers A (Ho) and A (Tb), to each of which a reference number RN (Ho) and RN (Tb) are assigned [Fig. 1, 4. Provide quotas with reference numbers RN (Ho), Rn (Tb)].

Wird später von einem Endkunden EK bei dem Reiseveranstalter K eine Pauschalreise bestehend aus Flug, Hotel und Transferbus gebucht, so wird der jeweiligen gebuchten Einzelreiseleistung jeweils die dem jeweiligen Kontingent entsprechende Referenznummer RN(Fl), RN(Ho) und RN(Tb) zugeordnet [Fig. 1, 5. Endkundenbuchung unter Bezugnahme auf Referenznummer RN].If a package holiday consisting of flight, hotel and transfer bus is later booked by an end customer EK at the tour operator K, then the respective reserved individual travel service is assigned the respective reference numbers RN (Fl), RN (Ho) and RN (Tb) [ FIG. 1, 5th consumer booking with reference to reference number RN].

Um die Buchung des Endkunden EK abzuwickeln, fordert der Reiseveranstalter K einen neuen Transaktionsschlüssel TAN(2) bei der Sicherungseinrichtung PoT an, der nach entsprechender, oben dargestellter Prüfung erteilt wird [Fig. 1, 6. Anforderung und Bereitstellung TAN(2)].In order to process the booking of the end customer EK, the tour operator K requests a new transaction key TAN (2) in the case of the security device PoT, which is issued after a corresponding check shown above [FIG. 1, 6. Request and Provision TAN (2)].

Mit diesem neuen Transaktionsschlüssel TAN(2) werden vom Reiseveranstalter K die verschiedenen Einzelreiseleistungen der Anbieter A(Fl), A(Ho) und A(Tb) unter Bezugnahme auf die Referenznummern RN(Fl), RN(Tb) und RN(Ho) abgerufen [Fig. 1, 7. Abruf Einzelleistung, Angabe TAN(2)]. Es folgt eine entsprechende, wiederholte Überprüfung des Transaktionsschlüssels TAN(2) [Fig. 1, 8. Überprüfung TAN(2)]With this new transaction key TAN (2), the tour operator K calculates the various individual travel services of the providers A (Fl), A (Ho) and A (Tb) with reference to the reference numbers RN (Fl), RN (Tb) and RN (Ho) retrieved [Fig. 1, 7. Demand for individual services, indication TAN (2)]. This is followed by a corresponding, repeated check of the transaction key TAN (2) [FIG. 1, 8. Review TAN (2)]

Dem Endkunden EK wird vom Reiseveranstalter K eine Buchungsbestätigung seiner Einzelreiseleistungen, ggf. unter Angabe der Referenznummern RN bereitgestellt [Fig. 1, 9. Bereitstellung Einzelleistung].The end customer EK is provided by the tour operator K a booking confirmation of his individual travel services, possibly specifying the reference numbers RN [Fig. 1, 9. Provision of individual services].

Im Ergebnis ist es damit möglich, die Abrufe von Einzelreiseleistungen aus verschiedenen Kontingenten einzelnen Endkunden EK zuzuordnen.As a result, it is possible to assign the calls for individual trip services from different contingents to individual end customers EK.

In einer vorteilhaften Ausführung können Abrechnungsinformationen für die vom Endkunden EK gebuchten Reiseleistungen schon von der Sicherungseinrichtung PoT verarbeitet werden und dem Reiseveranstalter K bereitgestellt werden.In an advantageous embodiment, billing information for the travel services booked by the end customer EK can already be processed by the security device PoT and provided to the tour operator K.

In einem zweiten Ausführungsbeispiel (Figur 2) wickelt der Kunde K Druck- und Frankieraufgaben über die jeweiligen Web-Dienste der Anbieter A(Dr) und A(Fr) unter Verwendung der Sicherungseinrichtung PoT ab.In a second exemplary embodiment (FIG. 2), the customer K handles printing and franking tasks via the respective web services of the providers A (Dr) and A (Fr) using the securing device PoT.

Wie auch im vorangegangenen Ausführungsbeispiel sind die Kommunikationsendgeräte des Kunden K, der Anbieter A(Dr) und A(Fr) und einer Sicherungseinrichtung PoT über ein Kommunikationsnetzwerk KN miteinander verbindbar. Ebenso findet eine entsprechende Registrierung und erste Überprüfung ihrer Zahlungs- und/oder Leistungsfähigkeit statt.As in the previous embodiment, the communication terminals of the customer K, the provider A (Dr) and A (Fr) and a security device PoT via a communication network KN are connected to each other. Likewise, an appropriate registration and initial verification of their payment and / or performance takes place.

Wiederum wird vom Kunden K zunächst eine Transaktionskette begonnen, indem er einen Transaktionsschlüssel TAN(1) von der Sicherungseinrichtung PoT anfordert, der ihm nach entsprechender Prüfung wie im Ausführungsbeispiel 1 bereitgestellt wird [Fig. 2, 1. Anforderung und Bereitstellung TAN(1)].Again, the customer K first starts a transaction chain by requesting a transaction key TAN (1) from the security device PoT, which asks him accordingly Testing as provided in the embodiment 1 [Fig. 2, 1st request and provision of TAN (1)].

Unter Angabe dieses Transaktionsschlüssels TAN(1) werden bei den Anbietern A(Dr) und A(Fr) bestimmte Kontingente ihrer jeweiligen Dienstleistungen gebucht [Fig. 2, 2. Anforderung Kontingente, Angabe TAN(1)]. Nachdem eine dem Ausführungsbeispiel 1 entsprechende Überprüfung des Transaktionsschlüssels TAN(1) durch die Sicherungseinrichtung PoT stattgefunden hat [Fig. 2, 3. Überprüfung TAN(1)], wird das jeweilige Kontingent von den Anbietern A(Dr) und A(Fr) unter Angabe einer Referenznummer RN(Dr) und RN(Fr) bereitgestellt [Fig. 2, 4. Bereitstellung Kontingent mit Referenznummer RN].By specifying this transaction key TAN (1), certain quotas of their respective services are posted at the providers A (Dr) and A (Fr) [FIG. 2, 2nd requirement quotas, indication TAN (1)]. After a corresponding to the embodiment 1 verification of the transaction key TAN (1) has taken place by the security device PoT [Fig. 2, 3. Check TAN (1)], the respective contingent is provided by the providers A (Dr) and A (Fr) stating a reference number RN (Dr) and RN (Fr) [Fig. 2, 4. Provision contingent with reference number RN].

Die Anforderung von Einzelleistungen vom Kunden K an die Anbieter A aus diesen Kontingenten erfolgt wiederum entsprechend dem Ausführungsbeispiel 1 unter Verwendung eines neuen, von der Sicherungseinrichtung auf Anfrage bereitgestellten und überprüften TAN(2) unter Angabe der entsprechenden Referenznummer RN(Dr) und RN(Fr) [Fig. 2, 5. Anforderung und Bereitstellung TAN(2) und Fig. 2, 6. Abruf Einzelleistung, Fig. 2, 7. Überprüfung TAN(2), Fig. 2, 8. Bereitstellung Einzelleistung].The request of individual services from the customer K to the provider A from these quotas again according to the embodiment 1 using a new, provided by the security device on request and checked TAN (2) stating the corresponding reference number RN (Dr) and RN (Fr ) [Fig. 2, 5. Requesting and Providing TAN (2) and FIG. 2, 6. Retrieving Individual Service, FIG. 2, 7. Checking TAN (2), FIG. 2, 8. Providing Individual Service].

Wiederum ist es so möglich, die Abrufe der Web-Dienste aus verschiedenen Kontingenten unter Verwendung der entsprechenden Referenznummern RN später genau zuordnen zu können.Again, it is possible to later assign the views of the web services from different quotas using the corresponding reference numbers RN later.

Ein abschließendes Ausführungsbeispiel (Fig. 3) zeigt die Bestellung von Personaldienstleistungen D1 und D2 durch einen Kunden K über eine Sicherungseinrichtung PoT bei den Anbietern A1 und A2. Hier agiert die Sicherungseinrichtung PoT als Vermittler (sog. Proxy), wobei Kunde K und die Anbieter A1 und A2 jeweils nur mit der Sicherungseinrichtung PoT interagieren.A final embodiment (FIG. 3) shows the ordering of personnel services D1 and D2 by a customer K via a security device PoT at the providers A1 and A2. Here, the security device PoT acts as an intermediary (so-called proxy), with the customer K and the providers A1 and A2 only interacting with the security device PoT.

Kunde K, Anbieter A1 und Anbieter A2 sind wie in den vorangegangenen Ausführungsbeispielen bei der Sicherungseinrichtung PoT nach einer Überprüfung registriert.Customer K, provider A1 and provider A2 are registered with the securing device PoT after a check, as in the preceding exemplary embodiments.

In diesem Ausführungsbeispiel wird durch die Sicherungseinrichtung PoT zwischen dem Kunden K und den Anbietern A1 und A2 bei Buchung, Abruf und Bereitstellung der Personaldienstleistungen D1 und D2 derart vermittelt, dass es für den Kunden K so erscheint, als würden die Web-Dienste D1 und D2 von der Sicherungseinrichtung PoT und nicht von den Anbietern A1 und A2 erbracht. Denn der Kunde K tritt nur mit der Sicherungseinrichtung PoT in Kontakt.In this embodiment, the security device PoT mediates between the customer K and the providers A1 and A2 when booking, retrieving and providing the personnel services D1 and D2 such that it appears to the customer K as if the web services D1 and D2 provided by the security device PoT and not by the providers A1 and A2. Because the customer K only comes in contact with the security device PoT.

Gleichzeitig erscheint es für die Anbieter A1 und A2 so, als würden die Web-Dienste D1 und D2 von der Sicherungseinrichtung PoT in Anspruch genommen, denn auch sie treten nur mit der Sicherungseinrichtung PoT und nicht mit dem Kunden K in Kontakt.At the same time it appears for the providers A1 and A2 as if the web services D1 and D2 were claimed by the security device PoT, because they too only come into contact with the security device PoT and not with the customer K.

Zunächst werden vom Kunden K Kontingente bei der Sicherungseinrichtung PoT angefordert. Diese Anforderungen werden von der Sicherungseinrichtung PoT an die Anbieter A1, A2 weitergeleitet [Fig. 3, 1. Anforderung Kontingent].First, the customer requests K quotas from the securing device PoT. These requirements are forwarded by the security device PoT to the providers A1, A2 [FIG. 3, 1st requirement contingent].

Die Anbieter A1, A2 stellen daraufhin die Kontingente D1, D2 mit entsprechenden Referenznummern RN(A1(D1)), RN(A2(D2)) für die Sicherungseinrichtung PoT bereit, die diese wiederum an den Kunden K weiterleitet [Fig. 2, 2. Bereitstellung Kontingente mit Referenznummern RN(A1(D1)), RN(A2(D2))].The providers A1, A2 then provide the quotas D1, D2 with corresponding reference numbers RN (A1 (D1)), RN (A2 (D2)) for the securing device PoT, which in turn forwards them to the customer K [FIG. 2, 2. Provide contingents with reference numbers RN (A1 (D1)), RN (A2 (D2))].

Der Kunde ruft später Einzelleistungen aus diesem Kontingent ab, die ihm daraufhin bereitgestellt werden. Wiederum vermittelt die Sicherungseinrichtung den Abruf und die Bereitstellung zwischen Kunden K und Anbietern A1, A2 [Fig. 3, 3. Abruf Einzelleistung, 4. Bereitstellung Einzelleistung]The customer later calls individual services from this quota, which are then provided to him. Again, the security device mediates the retrieval and provision between customers K and providers A1, A2 [Fig. 3, 3. On demand individual service, 4. Provision of individual services]

Eine Verwendung von Transaktionsschlüsseln ist hier nicht erforderlich, da zwischen den Anbietern A1 und A2 und dem Kunden K keine direkte Kommunikation stattfindet. Die Überprüfung der Zahlungs- und/oder Leistungsfähigkeit kann jeweils von der Sicherungseinrichtung PoT vorgenommen werden, ohne dass dies für den Kunden K und die Anbieter A1 und A2 erkennbar ist.A use of transaction keys is not required here because between the providers A1 and A2 and the customer K no direct communication takes place. The verification of the payment and / or performance can be made by the security device PoT, without this being recognizable for the customer K and the providers A1 and A2.

Claims (9)

Verfahren zum gesicherten Bereitstellen von Web-Diensten (D) wenigstens eines Anbieters (A) für zumindest einen Kunden (K), dadurch gekennzeichnet, - dass Endgeräte des Kunden (K), des Anbieters (A) und eine Sicherungseinrichtung (PoT) über ein Kommunikationsnetz (KN) verbindbar sind, - dass Kunde (K) und Anbieter (A) von der vertrauenswürdigen eingestuften Sicherungseinrichtung (PoT) anhand vorgesehener Kriterien überprüft und von dieser als zahlungs- und/oder leistungsfähig eingestuft werden, - dass der Kunde (K) vor der Anforderung wenigstens eines Web-Dienstes (D) bei der Sicherungseinrichtung (PoT) einen Transaktionsschlüssel (TAN(1)) anfordert, der ihm daraufhin nach Überprüfung seiner aktuellen Zahlungs- und/oder Leistungsfähigkeit gegebenenfalls von der Sicherungseinrichtung (PoT) übermittelt wird, - dass der Kunde (K) mittels dieses Transaktionsschlüssels (TAN(1)) bei dem jeweiligen Anbieter (A) zumindest eine Teilleistung eines Web-Dienstes (D) anfordert, - dass der Anbieter (A) daraufhin bei der Sicherungseinrichtung (PoT) eine Überprüfung des Transaktionsschlüssels (TAN(1)) anfordert und dieser nach abschließender Überprüfung der Zahlungs- und/oder Leistungsfähigkeit des Kunden (K) dem Anbieter (A) gegebenenfalls bestätigt wird und, - dass nach dieser Bestätigung der Anbieter (A) zumindest eine Teilleistung eines Web-Dienstes (D) an den Kunden (K) leistet. Method for the secure provision of web services (D) of at least one provider (A) for at least one customer (K), characterized - that terminals of the customer (K), the provider (A) and a security device (PoT) are connectable via a communication network (KN), that the customer (K) and provider (A) are checked by the trustworthy classified security device (PoT) on the basis of the criteria provided and are classified by the latter as capable of payment and / or performance, - That the customer (K) before the request of at least one web service (D) at the security device (PoT) a transaction key (TAN (1)) requests him then after checking his current payment and / or capacity of the Securing device (PoT) is transmitted, - that the customer (K) by means of this transaction key (TAN (1)) at the respective provider (A) at least a partial service of a web service (D), - That the provider (A) thereupon at the security device (PoT) request a review of the transaction key (TAN (1)) and this after final review of the payment and / or performance of the customer (K) the provider (A) is confirmed if necessary and, - That after this confirmation, the provider (A) performs at least a partial service of a web service (D) to the customer (K). Verfahren nach Anspruch 1, dadurch gekennzeichnet, - dass mit der Bestätigung des Transaktionsschlüssels (TAN(1)) der Anbieter (A) an den Kunden (K) eine Referenznummer (RN) übermittelt, - dass zum Abruf zumindest der Teilleistung eines Web-Dienstes (D) ein weiterer Transaktionsschlüssel (TAN(2)) vom Kunden K bei der Sicherungseinrichtung PoT angefordert und nach Überprüfung des Kunden K diesem Kunden K bereitgestellt wird, - dass zumindest die angeforderte Teilleistung des Web-Dienstes (D) unter Bezugnahme auf die Referenznummer (RN) mit dem Transaktionsschlüssel (TAN(2)) abgerufen wird, - dass nach Überprüfung des Transaktionsschlüssels (TAN(2)) ggf. zumindest die angeforderte Teilleistung des Web-Dienstes (D) geleistet wird. Method according to claim 1, characterized in that - That with the confirmation of the transaction key (TAN (1)), the provider (A) to the customer (K) a reference number (RN) transmitted that for retrieving at least the partial service of a web service (D) a further transaction key (TAN (2)) is requested by the customer K at the security device PoT and provided after checking the customer K of this customer K, that at least the requested partial service of the web service (D) is retrieved with reference to the reference number (RN) with the transaction key (TAN (2)), - That after checking the transaction key (TAN (2)) if necessary, at least the requested partial service of the web service (D) is made. Verfahren nach Anspruch 1, dadurch gekennzeichnet, dass der Kunde (K) nach Ausführung des Web-Dienstes (D) den Transaktionsschlüssel (TAN) bei der Sicherungseinrichtung (PoT) abmeldet und die Sicherungseinrichtung (PoT) dem Kunden (K) unter Bezugnahme auf den Transaktionsschlüssel (TAN) und den Web-Dienst (D) eine Gebühreninformation übermittelt.A method according to claim 1, characterized in that the customer (K) after execution of the web service (D) the transaction key (TAN) at the security device (PoT) logs off and the security device (PoT) the customer (K) with reference to the Transaction key (TAN) and the Web service (D) transmitted a charge information. Verfahren nach Anspruch 1, dadurch gekennzeichnet, dass von der Sicherungseinrichtung (PoT) an den Anbieter (A) des Web-Dienstes (D) unter Bezugnahme auf den Transaktionsschlüssel (TAN) ein Gebührenvorgang eingeleitet wird.A method according to claim 1, characterized in that from the security device (PoT) to the provider (A) of the web service (D) with reference to the transaction key (TAN) a charging process is initiated. Verfahren nach Anspruch 1, dadurch gekennzeichnet, dass der Web-Dienst (D) im Internet und/oder einem Intranet realisiert ist.A method according to claim 1, characterized in that the web service (D) on the Internet and / or an intranet is realized. Verfahren zum gesicherten Bereitstellen von Web-Diensten (D) wenigstens eines Anbieters (A) für zumindest einen Kunden (K), dadurch gekennzeichnet, - dass Endgeräte des Kunden (K), des Anbieters (A) und einer Sicherungseinrichtung (PoT) über ein Kommunikationsnetz (KN) verbindbar sind, - dass Kunde (K) und Anbieter (A) von einer vertrauenswürdigen Sicherungseinrichtung (PoT) anhand vorgesehener Kriterien überprüft und von ihr als zahlungs- und/oder leistungsfähig eingestuft werden, - dass der Kunde (K) bei der Sicherungseinrichtung (PoT) zumindest eine Teilleistung des Web-Dienstes (D) eines Anbieters (A) anfordert, - dass die Sicherungseinrichtung (PoT) die Anforderung als Vermittler (Proxy) an den Anbieter (A) weiterleitet, - dass der Anbieter (A) zumindest eine Teilleistung des Web-Dienstes (D) an die Sicherungseinrichtung (PoT) leitet und diese den Web-Dienst (D) an den Kunden (K) vermittelt. Method for the secure provision of web services (D) of at least one provider (A) for at least one customer (K), characterized - that terminals of the customer (K), the provider (A) and a security device (PoT) are connectable via a communication network (CN), - that customer (K) and provider (A) from a trusted security device (PoT) on the basis provided Be reviewed and considered by her to be solvent and / or efficient, - that the customer (K) at the securing device (PoT) at least a partial service of the web service (D) of a provider (A), - that the securing means (POT) the request as an agent (Proxy) to the provider (A) forwards, - That the provider (A) at least a partial service of the web service (D) to the security device (PoT) directs and this the Web service (D) to the customer (K) mediates. Verfahren nach Anspruch 6, dadurch gekennzeichnet, dass die Sicherungseinrichtung (PoT) den Anbieter (A) des Web-Dienstes (D) unter Bezugnahme auf den Transaktionsschlüssel (TAN) vergebührt.A method according to claim 6, characterized in that the security device (PoT) the provider (A) of the web service (D) with reference to the transaction key (TAN) is charged. Verfahren nach Anspruch 6, dadurch gekennzeichnet, dass der Web-Dienst (D) im Internet und/oder einem Intranet realisiert ist.A method according to claim 6, characterized in that the web service (D) on the Internet and / or an intranet is realized. Sicherungseinrichtung (PoT) für ein gesichertes Bereitstellen von Web-Diensten (D) dadurch gekennzeichnet, dass sie zum Durchführen der Verfahrensschritte nach einem der Patentansprüche 1 bis 8 ausgestaltet ist.Secured device (PoT) for a secure provision of Web services (D), characterized in that it is designed for carrying out the method steps according to one of the claims 1 to 8.
EP06120748A 2005-09-29 2006-09-15 Procedure and device for secure providing of Web services Active EP1770946B1 (en)

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
DE102005046749A DE102005046749A1 (en) 2005-09-29 2005-09-29 Method and device for the secure provision of web services

Publications (3)

Publication Number Publication Date
EP1770946A2 true EP1770946A2 (en) 2007-04-04
EP1770946A3 EP1770946A3 (en) 2007-06-06
EP1770946B1 EP1770946B1 (en) 2011-11-23

Family

ID=37671020

Family Applications (1)

Application Number Title Priority Date Filing Date
EP06120748A Active EP1770946B1 (en) 2005-09-29 2006-09-15 Procedure and device for secure providing of Web services

Country Status (3)

Country Link
EP (1) EP1770946B1 (en)
AT (1) ATE535089T1 (en)
DE (1) DE102005046749A1 (en)

Family Cites Families (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5794221A (en) * 1995-07-07 1998-08-11 Egendorf; Andrew Internet billing method
US5903878A (en) * 1997-08-20 1999-05-11 Talati; Kirit K. Method and apparatus for electronic commerce
AU3952400A (en) * 1999-04-22 2000-11-10 Cloakware Corporation Delegation billing
FR2806185B1 (en) * 2000-03-07 2007-04-20 David Ifergan SECURE PROCESS OF TRANSACTION BETWEEN A BUYER AND A SELLER
GB2372344A (en) * 2001-02-17 2002-08-21 Hewlett Packard Co System for the anonymous purchase of products or services online
EP1265202A1 (en) * 2001-06-04 2002-12-11 Orbis Patents Limited Business-to-business commerce using financial transaction numbers
US20040003287A1 (en) * 2002-06-28 2004-01-01 Zissimopoulos Vasileios Bill Method for authenticating kerberos users from common web browsers

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
None

Also Published As

Publication number Publication date
DE102005046749A1 (en) 2007-04-05
ATE535089T1 (en) 2011-12-15
EP1770946B1 (en) 2011-11-23
EP1770946A3 (en) 2007-06-06

Similar Documents

Publication Publication Date Title
DE19926472C2 (en) Method of transmitting a code
CH704306A1 (en) Method for online triggering of a proof of insurance and device for carrying out the method.
WO2004057824A1 (en) Automatic, connection-based terminal or user authentication in communication networks
EP2476087A2 (en) Payment system, purchasing system, and method for performing a plurality of payment processes
EP1347620B1 (en) Billing the use of content data requiring fee provided in the Internet by using a mobile radio terminal
DE10300515A1 (en) Single sign-on method and apparatus for paying in networks
EP1213689B1 (en) Method for automatic processing of payment operations in electronic commerce and corresponding device
EP1770946B1 (en) Procedure and device for secure providing of Web services
DE102015110366A1 (en) Message delivery and rating system
DE10336519B4 (en) A method of performing payment transactions in a computer-based communication network
EP1158471A1 (en) System, method and program for payment in a telecommunication network
EP1277185B1 (en) Method for reducing the risks of e-commerce transactions
EP1388138B1 (en) Method and arrangement for paying data accessible on a data network
DE10065067B4 (en) Method for verifying user-specific information in a data and / or communication system and data and / or communication system
EP1973298B1 (en) Method for providing Internet services on Internet platforms
EP2757514B1 (en) Method and arrangement for setting up a data communication link
DE10147651C1 (en) Payment transaction method for data network uses management system and anonymous numbered accounts for payment without revealing customer details
EP1093096A2 (en) Method and device for secure processing of E-commerce payment transactions by means of credit cards
WO2001095168A2 (en) Method for the conception and registration of industrial property rights applications
DE10229615A1 (en) Process for the automatic processing of payment transactions in electronic commerce as well as the associated system
DE102009037794A1 (en) Method for swapping services, involves transmitting information related to swap offer from data processing system to another data processing system
CH706879A2 (en) Method for computer-aided opening and managing insurance policy on homepage, involves paying insurance premiums in online by electronic payment medium, and creating and transmitting electronic insurance policy in online or by mails
DE19925427A1 (en) Transaction processing, especially by Internet, involves customer initiating transaction, transmitting customer, transaction IDs to provider, guarantor; latter decides on allowing transaction
DE10148005A1 (en) Processing tasks to fulfill mobile radio credits involves authenticating task output device, sending fulfillment code from credit manager to telephone or fulfillment instruction to manager
EP1413966A1 (en) Computer system and method for processing commercial transactions via data transmission lines

Legal Events

Date Code Title Description
PUAI Public reference made under article 153(3) epc to a published international application that has entered the european phase

Free format text: ORIGINAL CODE: 0009012

AK Designated contracting states

Kind code of ref document: A2

Designated state(s): AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HU IE IS IT LI LT LU LV MC NL PL PT RO SE SI SK TR

AX Request for extension of the european patent

Extension state: AL BA HR MK YU

PUAL Search report despatched

Free format text: ORIGINAL CODE: 0009013

AK Designated contracting states

Kind code of ref document: A3

Designated state(s): AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HU IE IS IT LI LT LU LV MC NL PL PT RO SE SI SK TR

AX Request for extension of the european patent

Extension state: AL BA HR MK YU

17P Request for examination filed

Effective date: 20071204

17Q First examination report despatched

Effective date: 20080104

AKX Designation fees paid

Designated state(s): AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HU IE IS IT LI LT LU LV MC NL PL PT RO SE SI SK TR

GRAP Despatch of communication of intention to grant a patent

Free format text: ORIGINAL CODE: EPIDOSNIGR1

RAP1 Party data changed (applicant data changed or rights of an application transferred)

Owner name: SIEMENS IT SOLUTIONS AND SERVICES GMBH

GRAS Grant fee paid

Free format text: ORIGINAL CODE: EPIDOSNIGR3

GRAA (expected) grant

Free format text: ORIGINAL CODE: 0009210

AK Designated contracting states

Kind code of ref document: B1

Designated state(s): AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HU IE IS IT LI LT LU LV MC NL PL PT RO SE SI SK TR

REG Reference to a national code

Ref country code: GB

Ref legal event code: FG4D

Free format text: NOT ENGLISH

REG Reference to a national code

Ref country code: CH

Ref legal event code: EP

REG Reference to a national code

Ref country code: IE

Ref legal event code: FG4D

Free format text: LANGUAGE OF EP DOCUMENT: GERMAN

RAP2 Party data changed (patent owner data changed or rights of a patent transferred)

Owner name: ATOS IT SOLUTIONS AND SERVICES GMBH

REG Reference to a national code

Ref country code: DE

Ref legal event code: R096

Ref document number: 502006010636

Country of ref document: DE

Effective date: 20120119

REG Reference to a national code

Ref country code: NL

Ref legal event code: TD

Effective date: 20120203

REG Reference to a national code

Ref country code: NL

Ref legal event code: T3

LTIE Lt: invalidation of european patent or patent extension

Effective date: 20111123

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: IS

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20120323

Ref country code: LT

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20111123

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: LV

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20111123

Ref country code: SE

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20111123

Ref country code: GR

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20120224

Ref country code: SI

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20111123

Ref country code: PT

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20120323

REG Reference to a national code

Ref country code: IE

Ref legal event code: FD4D

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: CY

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20111123

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: SK

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20111123

Ref country code: IE

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20111123

Ref country code: EE

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20111123

Ref country code: BG

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20120223

Ref country code: DK

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20111123

Ref country code: CZ

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20111123

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: PL

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20111123

Ref country code: RO

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20111123

Ref country code: IT

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20111123

REG Reference to a national code

Ref country code: AT

Ref legal event code: HC

Ref document number: 535089

Country of ref document: AT

Kind code of ref document: T

Owner name: ATOS IT SOLUTIONS AND SERVICES GMBH, DE

Effective date: 20120717

PLBE No opposition filed within time limit

Free format text: ORIGINAL CODE: 0009261

REG Reference to a national code

Ref country code: DE

Ref legal event code: R082

Ref document number: 502006010636

Country of ref document: DE

Representative=s name: WILHELM & BECK, DE

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: NO OPPOSITION FILED WITHIN TIME LIMIT

26N No opposition filed

Effective date: 20120824

REG Reference to a national code

Ref country code: DE

Ref legal event code: R081

Ref document number: 502006010636

Country of ref document: DE

Owner name: ATOS IT SOLUTIONS AND SERVICES GMBH, DE

Free format text: FORMER OWNER: SIEMENS IT SOLUTIONS AND SERVICES GMBH, 81739 MUENCHEN, DE

Effective date: 20120928

Ref country code: DE

Ref legal event code: R082

Ref document number: 502006010636

Country of ref document: DE

Representative=s name: WILHELM & BECK, DE

Effective date: 20120928

Ref country code: DE

Ref legal event code: R081

Ref document number: 502006010636

Country of ref document: DE

Owner name: ATOS IT SOLUTIONS AND SERVICES GMBH, DE

Free format text: FORMER OWNER: SIEMENS AKTIENGESELLSCHAFT, 80333 MUENCHEN, DE

Effective date: 20111125

REG Reference to a national code

Ref country code: DE

Ref legal event code: R097

Ref document number: 502006010636

Country of ref document: DE

Effective date: 20120824

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: ES

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20120305

Ref country code: MC

Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES

Effective date: 20120930

REG Reference to a national code

Ref country code: CH

Ref legal event code: PL

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: FI

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20111123

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: CH

Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES

Effective date: 20120930

Ref country code: LI

Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES

Effective date: 20120930

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: TR

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20111123

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: LU

Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES

Effective date: 20120915

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: HU

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20060915

REG Reference to a national code

Ref country code: FR

Ref legal event code: PLFP

Year of fee payment: 11

REG Reference to a national code

Ref country code: FR

Ref legal event code: PLFP

Year of fee payment: 12

REG Reference to a national code

Ref country code: FR

Ref legal event code: PLFP

Year of fee payment: 13

PGFP Annual fee paid to national office [announced via postgrant information from national office to epo]

Ref country code: NL

Payment date: 20190926

Year of fee payment: 14

PGFP Annual fee paid to national office [announced via postgrant information from national office to epo]

Ref country code: BE

Payment date: 20190926

Year of fee payment: 14

PGFP Annual fee paid to national office [announced via postgrant information from national office to epo]

Ref country code: AT

Payment date: 20190920

Year of fee payment: 14

REG Reference to a national code

Ref country code: NL

Ref legal event code: MM

Effective date: 20201001

REG Reference to a national code

Ref country code: AT

Ref legal event code: MM01

Ref document number: 535089

Country of ref document: AT

Kind code of ref document: T

Effective date: 20200915

REG Reference to a national code

Ref country code: BE

Ref legal event code: MM

Effective date: 20200930

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: NL

Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES

Effective date: 20201001

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: AT

Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES

Effective date: 20200915

Ref country code: BE

Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES

Effective date: 20200930

REG Reference to a national code

Ref country code: DE

Ref legal event code: R079

Ref document number: 502006010636

Country of ref document: DE

Free format text: PREVIOUS MAIN CLASS: H04L0029060000

Ipc: H04L0065000000

REG Reference to a national code

Ref country code: DE

Ref legal event code: R081

Ref document number: 502006010636

Country of ref document: DE

Owner name: BULL SAS, FR

Free format text: FORMER OWNER: ATOS INFORMATION TECHNOLOGY GMBH, 81739 MUENCHEN, DE

Ref country code: DE

Ref legal event code: R081

Ref document number: 502006010636

Country of ref document: DE

Owner name: BULL SAS, FR

Free format text: FORMER OWNER: ATOS IT SOLUTIONS AND SERVICES GMBH, 81739 MUENCHEN, DE

REG Reference to a national code

Ref country code: GB

Ref legal event code: 732E

Free format text: REGISTERED BETWEEN 20221110 AND 20221116

P01 Opt-out of the competence of the unified patent court (upc) registered

Effective date: 20230330

PGFP Annual fee paid to national office [announced via postgrant information from national office to epo]

Ref country code: GB

Payment date: 20230921

Year of fee payment: 18

PGFP Annual fee paid to national office [announced via postgrant information from national office to epo]

Ref country code: FR

Payment date: 20230918

Year of fee payment: 18

Ref country code: DE

Payment date: 20230919

Year of fee payment: 18